description = [[ ]] author = "Ron Bowes" license = "Same as Nmap--See http://nmap.org/book/man-legal.html" categories = {} require "pe" require "nsedebug" prerule = function() return true end action = function() local files = {} table.insert(files, io.open("/home/ron/tmp/kernel32.dll", "rb")) -- table.insert(files, io.open("/home/ron/tmp/user32.dll", "rb")) -- table.insert(files, io.open("/home/ron/tmp/ws2_32.dll", "rb")) -- table.insert(files, io.open("/home/ron/tmp/calc.exe", "rb")) -- table.insert(files, io.open("/home/ron/tmp/nmap.exe", "rb")) -- table.insert(files, io.open("/home/ron/tmp/python26.dll", "rb")) for i, file in ipairs(files) do if(not(file)) then return "File not found!" end local data = file:read(102400000) local status, result = pe.parse_from_string(data) if(not(status)) then return "Error: " .. result else io.write(nsedebug.tostr(result)) end local virtual_address = result['pe_offset'] + result['sections']['.rsrc']['pointer_to_raw_data'] local virtual_size = result['sections']['.rsrc']['virtual_size'] local test = string.sub(data, virtual_address, virtual_address + virtual_size) nsedebug.print_hex(test) end return "TEST!" end